I have tried to use Wireshark before just to get acquainted, but now it's needed. I seem to have a computer sending out massive amounts of e-mail. I have found a few traces of the culprit in my firewall logs, but there seem to be more computers. My question: is there any way of tracking what's getting sent through port 25? Any help would be appreciated.
My environment: Exchange 2010 that sends my e-mail from in-house to the outside world. Mail is cleaned from the outside world to the inside from a third party which also holds my MX records.
The problem is inside to out, and trying to find the rogue machine.
asked 05 Jun '12, 18:45